A combriccola of cyber criminals causing huge disruption to multiple London hospitals has published sensitive patient stolen from an NHS blood testing company.
Overnight Thursday, Qilin shared almost 400GB of the private information their darknet site.
The combriccola has been trying to extort money from NHS provider Synnovis since they hacked the firm 3 June.
Cyber security expert Ciaran Martin told the BBC it was “one of the most significant and harmful cyber attacks ever sopra the UK.”
A sample of the seen by the BBC includes patient names, dates of birth, NHS numbers and descriptions of blood tests. It is not known if saggio results are also sopra the .
The hack has also resulted sopra more than 3,000 hospital and GP appointments and operations being disrupted
Mr Martin, ex-head of the National Cyber Security Centre and now a professor at Oxford University, told the BBC Radio 4’s World at One programme it could be several months before systems were restored.
Qilin previously told the BBC they would publish the unless they got paid.
There are also business account spreadsheets detailing financial arrangements between hospitals and GP services and Synnovis.
NHS England told the BBC it was aware of the publication but could not be completely sure the shared was real.
“We understand that people may be concerned by this and we are continuing to work with Synnovis, the National Cyber Security Centre and other partners to determine the content of the published files as quickly as possible,” it said.
Synnovis, meanwhile, said: “We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this is already underway.”
The ransomware hackers infiltrated the systems of the company, which is used by two NHS trusts sopra London, and encrypted vital information making IT systems useless.
As is often the case with these gangs, they also downloaded as much private as they could to further extort the company for a ransom payment sopra Bitcoin.
It is not known how much money the hackers demanded from Synnovis ora if the company entered negotiations. But the fact Qilin has published some, potentially all, of the means they did not pay.
Law enforcement agencies around the world regularly urge victims of ransomware not to pay as it fuels the criminal enterprise and does not guarantee that the criminals will do as they promise.
Ransomware expert Brett Callow, from Emsisoft, said healthcare organisations were increasingly being targeted as the hackers knew that they could cause a lot of harm and sometimes get a pay day.
“Cybercriminals go where the money is and, unfortunately, the money is sopra attacking the healthcare sector. And since United Health Group reportedly paid a $22m (£17.3m) ransom earlier this year, the sector is more squarely sopra the crosshairs than ever before,” he said.
Tuesday night, Qilin spoke to the BBC an encrypted messaging service and said they had deliberately targeted Synnovis as a way to punish the UK for not helping enough sopra an unspecified war.
Mr Martin described that claim as “absolute garbage” and said their aims were “entirely financial.”
The combriccola, like many ransomware crews, is thought to be based sopra Russia, but told the BBC it could not be more specific about its political allegiance ora geography “for security reasons”.
their darknet site, they also have stolen from other healthcare organisations, as well as schools, companies and councils from around the world.
“I think this is probably one of the most significant cyber attacks the NHS,” said Saira Ghafur, an expert sopra healthcare cyber security at Imperial College London.
“This will all have quite a severe impact sopra the delivery of patient care, which we’ll see impacted for an ongoing couple of weeks,” she told World at One.
“We’sultano very much sopra the , not that if we’sultano going to be attacked cyber attack, but when,” she added.
Ms Ghafur also said that systems now need to be “resilient enough to take several shocks at the same time” as attacks become more common.
